SpyWorm.Win32

Hello, I have this virus - a worm - on my computer. I searched the web for how to remove this nuisance, but unfortunately found nothing. Please help. My Avast did not detect IT.

Replies: 10

First: don't write one post after another, use the edit function. You will find information about HijackThis in the pinned topics in this section. The only thing I found is the file [quote]C:\WINDOWS\system32\57E2900693.sys[/quote] PS Did you install this Power Manager yourself?? Also have a look at the scheduled task Low Battery Alarm Program.job.
Żółty
Posted
26.10.2007 02:43:44
Hijack - and where do I find that one??
slaweksie
Posted
26.10.2007 02:32:22
comboFix
ComboFix 07-10-25.4 - dom 2007-10-26 0:25:27.1 - NTFSx86
Running from: C:\Documents and Settings\dom\Pulpit\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-09-25 to 2007-10-25 )))))))))))))))))))))))))))))))
.
2007-10-26 00:23 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-24 23:13 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-10-24 23:02 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-10-24 23:02 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-10-24 23:01 d-------- C:\Program Files\DivX
2007-10-23 23:34 d-a------ C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2007-10-22 22:40 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-10-22 21:48 d-------- C:\Program Files\MarBit
2007-10-22 20:11 d-------- C:\Documents and Settings\dom\Dane aplikacji\Leadertech
2007-10-20 20:22 d-------- C:\Documents and Settings\dom\Dane aplikacji\AdobeAUM
2007-10-06 11:28 450,560 --a------ C:\WINDOWS\system32\mcs_cor1.dll
2007-10-06 11:28 172,032 --a------ C:\WINDOWS\system32\mcs_cor2.dll
2007-10-06 09:39 d-------- C:\Program Files\DevGuru
2007-10-06 09:39 319,456 --a------ C:\WINDOWS\system32\drivers\DIFxAPI.dll
2007-10-06 09:22 d-------- C:\Documents and Settings\dom\Dane aplikacji\Media Player Classic
2007-10-06 09:17 19,968 --a------ C:\WINDOWS\system32\cpuinf32.dll
2007-10-06 00:51 157,696 --a------ C:\WINDOWS\system32\unrar.dll
2007-09-28 18:08 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-09-28 18:07 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 18:07 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-09-28 18:07 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-09-28 18:07 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-25 21:59 --------- d-----w C:\Documents and Settings\dom\Dane aplikacji\Skype
2007-10-23 20:56 --------- d-----w C:\Program Files\Gadu-Gadu
2007-10-23 20:55 --------- d-----w C:\Program Files\Power Manager
2007-10-23 20:55 --------- d-----w C:\Program Files\PC Connectivity Solution
2007-10-23 20:55 --------- d-----w C:\Program Files\Office Mouse Driver
2007-10-23 20:55 --------- d-----w C:\Program Files\Apoint2K
2007-10-21 11:03 35,376 ----a-w C:\Documents and Settings\dom\Dane aplikacji\GDIPFONTCACHEV1.DAT
2007-10-18 21:25 --------- d-----w C:\Program Files\Java
2007-10-17 21:11 --------- d-----w C:\Documents and Settings\dom\Dane aplikacji\PC Suite
2007-10-12 20:58 --------- d-----w C:\Program Files\Picasa2
2007-09-28 16:07 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-09-28 16:05 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-09-28 16:05 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-09-28 16:05 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
2007-09-28 16:05 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-09-28 16:05 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-09-28 16:05 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-09-28 16:05 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-09-28 16:05 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-09-28 16:05 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-09-23 20:00 --------- d-----w C:\Program Files\MidiMeow
2007-09-23 19:52 --------- d-----w C:\Program Files\CDex_151
2007-09-23 19:40 --------- d-----w C:\Documents and Settings\dom\Dane aplikacji\Nokia Multimedia Player
2007-09-11 13:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-11 13:24 --------- d-----w C:\Program Files\e-Kiosk Reader
2007-09-11 13:24 --------- d-----w C:\Program Files\BearShare
2007-09-08 06:55 --------- d-----w C:\Program Files\Fakturka
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-21 06:18 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-01-06 07:50 628 ----a-w C:\Documents and Settings\dom\Dane aplikacji\wklnhst.dat
2007-02-21 08:05:23 56 --sh--r C:\WINDOWS\system32\57E2900693.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerManager"="C:\Program Files\Power Manager\PM.exe" [2005-08-19 10:11]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-08-06 09:45]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 14:00 C:\WINDOWS\system32\bthprops.cpl]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-12-05 14:22]
"SMSERIAL"="sm56hlpr.exe" [2005-07-06 04:47 C:\WINDOWS\sm56hlpr.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
"SoundMan"="SOUNDMAN.EXE" [2005-05-17 18:48 C:\WINDOWS\soundman.exe]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20]
"WireLessMouse"="C:\Program Files\Office Mouse Driver\StartAutorun.exe" [2005-11-30 12:48]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-10-13 18:20]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-07-14 20:20:34]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 08:05:26]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04]

R0 SiSRaid2;SiSRaid2;C:\WINDOWS\system32\drivers\SiSRaid2.sys
R0 viamraid;viamraid;C:\WINDOWS\system32\drivers\viamraid.sys
R2 IOSLINK;IOSLINK;\??\C:\WINDOWS\system32\drivers\IosLink.sys
R3 EKBfltr;ENE Keyboard Controller;C:\WINDOWS\system32\DRIVERS\EKBfltr.sys
R3 WINIO;WINIO;\??\C:\Program Files\Power Manager\winio.sys
S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

*Newly Created Service* - CATCHME
*Newly Created Service* - WINIO
.
Contents of the 'Scheduled Tasks' folder
"2007-01-24 21:38:41 C:\WINDOWS\Tasks\Low Battery Alarm Program.job"
.
**************************************************************************
catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-26 00:28:09
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-10-26 0:29:29
.
--- E O F ---
slaweksie
Posted
26.10.2007 02:31:11
Nothing shows up in this log. Show the ComboFix one, and post the Hijack log too.
Żółty
Posted
26.10.2007 02:25:13
It shows up for a few seconds, and my English ....](*,) I'll try the other link.
slaweksie
Posted
26.10.2007 02:22:19
And what does that message say?? Because what to do with it next depends on that. You can also make a ComboFix log and show it - [url]http://cybertrash.pl/images/tata/ComboFix.html[/url] Update: I see you found what you needed ;)
Żółty
Posted
26.10.2007 02:18:32
I ran that Silent thing but I don't know what it's about; after a minute it briefly shows a message in English and disappears. This appeared on the desktop: Żółty, please help.

"Silent Runners.vbs", revision 52, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"Skype" = ""C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized" ["Skype Technologies S.A."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"PowerManager" = "C:\Program Files\Power Manager\PM.exe" [empty string]
"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]
"SpeedTouch USB Diagnostics" = ""C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon" ["THOMSON Telecom Belgium"]
"BluetoothAuthenticationAgent" = "rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" [MS]
"Apoint" = "C:\Program Files\Apoint2K\Apoint.exe" ["Alps Electric Co., Ltd."]
"SMSERIAL" = "sm56hlpr.exe" ["Motorola Inc."]
"avast!" = "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" ["ALWIL Software"]
"SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
"PCSuiteTrayApplication" = "C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup" ["Nokia"]
"WireLessMouse" = "C:\Program Files\Office Mouse Driver\StartAutorun.exe MouseDrv.exe" [empty string]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Active Setup\Installed Components
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = "Outlook Express"
  \StubPath = "C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "AcroIEHlprObj Class"
  \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "SSVHelper Class"
  \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
  \InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
  \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"
  -> {HKLM...CLSID} = "NeroDigitalIconHandler Class"
  \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"
  -> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"
  \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
  -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook"
  \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
  -> {HKLM...CLSID} = (no title provided)
  \InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
  -> {HKLM...CLSID} = "WinRAR"
  \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{472083B0-C522-11CF-8763-00608CC02F24}" = "avast"
  -> {HKLM...CLSID} = "avast"
  \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
"{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" = "Nokia Phone Browser"
  -> {HKLM...CLSID} = "Nokia Phone Browser"
  \InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll" ["Nokia"]

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
  -> {HKLM...CLSID} = "WPDShServiceObj Class"
  \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
<> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers
{7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"
  -> {HKLM...CLSID} = "NeroDigitalColumnHandler Class"
  \InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
  -> {HKLM...CLSID} = "PDF Shell Extension"
  \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
  -> {HKLM...CLSID} = "avast"
  \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {HKLM...CLSID} = "WinRAR"
  \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {HKLM...CLSID} = "WinRAR"
  \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers
avast\(Default) = "{472083B0-C522-11CF-8763-00608CC02F24}"
  -> {HKLM...CLSID} = "avast"
  \InProcServer32\(Default) = "C:\Program Files\Alwil Software\Avast4\ashShell.dll" ["ALWIL Software"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
  -> {HKLM...CLSID} = "WinRAR"
  \InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

Group Policies {policy setting}:
--------------------------------

Note: detected settings may not have any effect.

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System
"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Shutdown: Allow system to be shut down without having to log on}
"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General
"Wallpaper" = "C:\WINDOWS\Web\Wallpaper\Idylla.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop
"Wallpaper" = "C:\WINDOWS\Web\Wallpaper\Idylla.bmp"

Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop
"SCRNSAVE.EXE" = "C:\PROGRA~1\Picasa2\Picasa2.scr" ["Google Inc."]

Startup items in "dom" & "All Users" startup folders:
-----------------------------------------------------

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
"Adobe Gamma Loader" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]
"Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l" [MS]

Enabled Scheduled Tasks:
------------------------

"Low Battery Alarm Program" -> WARNING -- The file "Low Battery Alarm Program.job" is corrupt! (no executable)

Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\system32\wshbth.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 34
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
avast! Antivirus, avast! Antivirus, ""C:\Program Files\Alwil Software\Avast4\ashServ.exe"" ["ALWIL Software"]
avast! iAVS4 Control Service, aswUpdSv, ""C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"" ["ALWIL Software"]
avast! Web Scanner, avast! Web Scanner, ""C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service" ["ALWIL Software"]
Bluetooth Support Service, BthServ, "C:\WINDOWS\system32\svchost.exe -k bthsvcs" {"C:\WINDOWS\System32\bthserv.dll" [MS]}
ServiceLayer, ServiceLayer, ""C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"" ["Nokia."]
Windows Driver Foundation - User-mode Driver Framework, WudfSvc, "C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup" {"C:\WINDOWS\System32\WUDFSvc.dll" [MS]}

Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors
HP Master Monitor\Driver = "HPBMMON.DLL" ["Hewlett-Packard"]
HPLJ1020LM\Driver = "ZLhp1020.DLL" ["Zenographics, Inc."]
Microsoft Shared Fax Monitor\Driver = "FXSMON.DLL" [MS]
Monitor języka PJL\Driver = "PJLMON.DLL" [MS]

---------- (launch time: 2007-10-25 23:25:19)
<>: Suspicious data at a malware launch point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box.
---------- (total run time: 45 seconds, including 6 seconds for message boxes)
slaweksie
Posted
26.10.2007 01:29:11
Check the Hijack log yourself - you will find information about it in the pinned topic. If you have any doubts, ask. If you are unable to remove something, show the logs - Hijack and Silent Runners - [url]http://www.silentrunners.org/Silent%20Runners.vbs[/url]
Żółty
Posted
25.10.2007 01:12:02
When I start IE, a message appears saying that I have this thing. The home page in IE disappeared; at first a page opened automatically with information about my IP, my operating system, and that I have this "something". From that I conclude that I have something. Some paid antivirus programs kept trying to download, which supposedly would remove this "something" for me. After I did a bit of cleaning up, a blank home page now opens in IE, but I cannot set any page at all as the home page. After clicking APPLY, the PC does not follow my wishes. Do you think it's something else??
slaweksie
Posted
25.10.2007 00:54:01
How do you know you have it??
Żółty
Posted
24.10.2007 02:28:47
slaweksie
Posted:
23.10.2007 23:56:21